package com.msb.dongbao.portal.web.interceptor;

import com.alibaba.fastjson.JSONObject;
import com.baomidou.mybatisplus.core.toolkit.StringUtils;
import com.msb.dongbao.common.base.TokenException;
import com.msb.dongbao.common.base.annotations.TokenCheck;
import com.msb.dongbao.common.util.BodyReaderHttpServletRequestWrapper;
import com.msb.dongbao.common.util.JwtUtil;
import com.msb.dongbao.ums.entity.UmsMember;
import lombok.extern.slf4j.Slf4j;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.lang.reflect.Method;

/**
 * @author: mayu
 * @date: 2021年05月27日 15:54
 */
@Slf4j
public class AuthInterceptor implements HandlerInterceptor {
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        log.info("进入AuthInterceptor拦截器...");

        HandlerMethod handlerMethod = (HandlerMethod) handler;
        Method method = handlerMethod.getMethod();
        if (method.isAnnotationPresent(TokenCheck.class)) {
            TokenCheck tokenCheck = method.getAnnotation(TokenCheck.class);
            if (tokenCheck.required()) {
                //获取请求body中的参数
                //String bodyString = HttpHelper.getBodyString(request);
                String bodyString = BodyReaderHttpServletRequestWrapper.getBodyString(request);
                //UmsMember umsMember = JSONObject.toJavaObject(JSON.parseObject(bodyString), UmsMember.class);
                UmsMember umsMember = JSONObject.parseObject(bodyString, UmsMember.class);

                //获取请求头中的token
                String token = request.getHeader("token");

                if (StringUtils.isBlank(token)) {
                    throw new TokenException("token为空");
                }

                String subject = "";
                try {
                    //解析token，验证token有效性
                    subject = JwtUtil.parseToken(token);
                } catch (Exception e) {
                    e.printStackTrace();
                    throw new TokenException("token异常");
                }

                //验证token准确性
                if (!(umsMember.getId() + "").equals(subject)) {
                    throw new TokenException("非法操作");
                }

                return true;
            }
        }
        return true;
    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
        HandlerInterceptor.super.postHandle(request, response, handler, modelAndView);
    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
        HandlerInterceptor.super.afterCompletion(request, response, handler, ex);
    }
}
